PoliSync.ai

Home

Policy Delivery

Platform

FAQs

Request delivery

Sign In

(UK/EU GDPR Compliant, Trading as CogniOps Studio Ltd)

Privacy Policy

Last Updated: 08 December 2025

1. Who We Are

PoliSync.ai ("we", "us", "our") is a trading name of CogniOps Studio Ltd, a company registered in England and Wales.

  • Registered Name: CogniOps Studio Ltd
  • Trading Name: PoliSync.ai
  • Email: support@polisync.ai
  • Registered Office: 71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ
  • Data Protection Contact: security@polisync.ai

We provide an AI-powered platform to help organisations generate, manage, and store internal policies, templates, compliance documents, and staff acknowledgements.

Data Controller and Processor Roles

PoliSync.ai acts as a data controller for account, billing, and platform usage data. For workspace content and organisational data uploaded by customers, PoliSync.ai acts as a data processor on behalf of the workspace owner, in accordance with our Data Processing Agreement.

This aligns Privacy + DPA and avoids ambiguity.

2. What This Policy Covers

This Privacy Policy explains:

  • What personal data we collect
  • How we use it
  • How we store and protect it
  • Your rights
  • How to contact us about privacy

3. What Personal Data We Collect

A. Account Information

When you create a PoliSync.ai account, we process:

  • Name
  • Email address
  • Password, hashed via Supabase; we never see or store raw passwords
  • Workspace name

B. Workspace and Organisational Data

Depending on how you use the platform, you may upload:

  • Company details, such as name, industry, region, staff count
  • Staff email addresses for invitations
  • Policy content, templates, or uploaded documents
  • Internal operational notes, approvals, or logs

C. Billing Information

Billing is handled securely by Stripe. We never store card numbers or payment details.

D. AI Usage Data

When generating policies, we may send anonymised or structured prompts to our AI provider to produce draft content. We do not send raw user-uploaded documents or sensitive personal data.

E. Technical Data

We collect standard technical information, including:

  • IP address
  • Browser type
  • Device information
  • Usage logs, such as errors and page interactions

4. How We Use Your Data

We use your personal data to:

  • Provide and maintain the service, including authentication, workspaces, and templates
  • Generate AI-powered content based on the details you enter
  • Support operational features, such as version tracking, approvals, and activity logs
  • Communicate with you, including service emails, updates, and billing notices
  • Maintain security, detect misuse, and prevent unauthorised access
  • Comply with legal obligations, such as tax, accounting, and audit

We never sell or rent personal data.

We rely on the following legal bases for processing personal data:

  • Contractual necessity, to deliver the platform to registered users
  • Legitimate interests, for improving features and preventing abuse
  • Consent, where analytics or marketing preferences apply
  • Legal obligation, for accounting, tax reporting, or fraud prevention

6. Data Storage and Transfers

Your data is stored in EU and UK-capable regions via:

  • Supabase for authentication, database, and storage
  • Stripe for billing
  • AI provider for policy generation

Where cross-border transfers occur, we apply appropriate safeguards, such as standard contractual clauses and data processing agreements.

International data transfers may occur where our approved sub-processors operate outside the UK or EU.

7. Data Retention

  • Account data: retained while your account is active
  • Billing data: retained for 6 to 7 years to meet legal requirements
  • Backups: retained according to rolling retention schedules
  • Workspace content: retained until deleted by the workspace admin

You may request deletion of your data at any time. Contact security@polisync.ai to submit a request.

8. How We Protect Your Data

We use industry-standard measures to protect personal data, including:

  • Encryption at rest and in transit
  • Password hashing
  • Role-based access control
  • Activity logging
  • Regular internal reviews

9. Your Rights (UK and EU GDPR)

You may request the following:

  • Access to your data
  • Correction of inaccurate data
  • Deletion, the right to be forgotten
  • Restriction of processing
  • Data portability
  • Objection to certain processing

To exercise any rights, contact: security@polisync.ai.

10. Third-Party Services

We use reputable sub-processors to provide services, including:

  • Stripe for payments
  • Supabase for authentication and storage
  • An AI provider for text generation

A full list of sub-processors is available on request.

11. Contact and Complaints

Email: support@polisync.ai

Data Protection Contact: security@polisync.ai

You may also complain to the UK Information Commissioner's Office if you remain unhappy with our response.

PoliSync.ai has not appointed a statutory Data Protection Officer. Privacy enquiries are handled by our designated data protection contact.

PoliSync.ai, trading as CogniOps Studio Ltd

(UK/EU GDPR Compliant, Trading as CogniOps Studio Ltd)

Privacy Policy

Last Updated: 08 December 2025

1. Who We Are

PoliSync.ai ("we", "us", "our") is a trading name of CogniOps Studio Ltd, a company registered in England and Wales.

  • Registered Name: CogniOps Studio Ltd
  • Trading Name: PoliSync.ai
  • Email: support@polisync.ai
  • Registered Office: 71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ
  • Data Protection Contact: security@polisync.ai

We provide an AI-powered platform to help organisations generate, manage, and store internal policies, templates, compliance documents, and staff acknowledgements.

Data Controller and Processor Roles

PoliSync.ai acts as a data controller for account, billing, and platform usage data. For workspace content and organisational data uploaded by customers, PoliSync.ai acts as a data processor on behalf of the workspace owner, in accordance with our Data Processing Agreement.

This aligns Privacy + DPA and avoids ambiguity.

2. What This Policy Covers

This Privacy Policy explains:

  • What personal data we collect
  • How we use it
  • How we store and protect it
  • Your rights
  • How to contact us about privacy

3. What Personal Data We Collect

A. Account Information

When you create a PoliSync.ai account, we process:

  • Name
  • Email address
  • Password, hashed via Supabase; we never see or store raw passwords
  • Workspace name

B. Workspace and Organisational Data

Depending on how you use the platform, you may upload:

  • Company details, such as name, industry, region, staff count
  • Staff email addresses for invitations
  • Policy content, templates, or uploaded documents
  • Internal operational notes, approvals, or logs

C. Billing Information

Billing is handled securely by Stripe. We never store card numbers or payment details.

D. AI Usage Data

When generating policies, we may send anonymised or structured prompts to our AI provider to produce draft content. We do not send raw user-uploaded documents or sensitive personal data.

E. Technical Data

We collect standard technical information, including:

  • IP address
  • Browser type
  • Device information
  • Usage logs, such as errors and page interactions

4. How We Use Your Data

We use your personal data to:

  • Provide and maintain the service, including authentication, workspaces, and templates
  • Generate AI-powered content based on the details you enter
  • Support operational features, such as version tracking, approvals, and activity logs
  • Communicate with you, including service emails, updates, and billing notices
  • Maintain security, detect misuse, and prevent unauthorised access
  • Comply with legal obligations, such as tax, accounting, and audit

We never sell or rent personal data.

We rely on the following legal bases for processing personal data:

  • Contractual necessity, to deliver the platform to registered users
  • Legitimate interests, for improving features and preventing abuse
  • Consent, where analytics or marketing preferences apply
  • Legal obligation, for accounting, tax reporting, or fraud prevention

6. Data Storage and Transfers

Your data is stored in EU and UK-capable regions via:

  • Supabase for authentication, database, and storage
  • Stripe for billing
  • AI provider for policy generation

Where cross-border transfers occur, we apply appropriate safeguards, such as standard contractual clauses and data processing agreements.

International data transfers may occur where our approved sub-processors operate outside the UK or EU.

7. Data Retention

  • Account data: retained while your account is active
  • Billing data: retained for 6 to 7 years to meet legal requirements
  • Backups: retained according to rolling retention schedules
  • Workspace content: retained until deleted by the workspace admin

You may request deletion of your data at any time. Contact security@polisync.ai to submit a request.

8. How We Protect Your Data

We use industry-standard measures to protect personal data, including:

  • Encryption at rest and in transit
  • Password hashing
  • Role-based access control
  • Activity logging
  • Regular internal reviews

9. Your Rights (UK and EU GDPR)

You may request the following:

  • Access to your data
  • Correction of inaccurate data
  • Deletion, the right to be forgotten
  • Restriction of processing
  • Data portability
  • Objection to certain processing

To exercise any rights, contact: security@polisync.ai.

10. Third-Party Services

We use reputable sub-processors to provide services, including:

  • Stripe for payments
  • Supabase for authentication and storage
  • An AI provider for text generation

A full list of sub-processors is available on request.

11. Contact and Complaints

Email: support@polisync.ai

Data Protection Contact: security@polisync.ai

You may also complain to the UK Information Commissioner's Office if you remain unhappy with our response.

PoliSync.ai has not appointed a statutory Data Protection Officer. Privacy enquiries are handled by our designated data protection contact.

PoliSync.ai, trading as CogniOps Studio Ltd

(UK/EU GDPR Compliant, Trading as CogniOps Studio Ltd)

Privacy Policy

Last Updated: 08 December 2025

1. Who We Are

PoliSync.ai ("we", "us", "our") is a trading name of CogniOps Studio Ltd, a company registered in England and Wales.

  • Registered Name: CogniOps Studio Ltd
  • Trading Name: PoliSync.ai
  • Email: support@polisync.ai
  • Registered Office: 71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ
  • Data Protection Contact: security@polisync.ai

We provide an AI-powered platform to help organisations generate, manage, and store internal policies, templates, compliance documents, and staff acknowledgements.

Data Controller and Processor Roles

PoliSync.ai acts as a data controller for account, billing, and platform usage data. For workspace content and organisational data uploaded by customers, PoliSync.ai acts as a data processor on behalf of the workspace owner, in accordance with our Data Processing Agreement.

This aligns Privacy + DPA and avoids ambiguity.

2. What This Policy Covers

This Privacy Policy explains:

  • What personal data we collect
  • How we use it
  • How we store and protect it
  • Your rights
  • How to contact us about privacy

3. What Personal Data We Collect

A. Account Information

When you create a PoliSync.ai account, we process:

  • Name
  • Email address
  • Password, hashed via Supabase; we never see or store raw passwords
  • Workspace name

B. Workspace and Organisational Data

Depending on how you use the platform, you may upload:

  • Company details, such as name, industry, region, staff count
  • Staff email addresses for invitations
  • Policy content, templates, or uploaded documents
  • Internal operational notes, approvals, or logs

C. Billing Information

Billing is handled securely by Stripe. We never store card numbers or payment details.

D. AI Usage Data

When generating policies, we may send anonymised or structured prompts to our AI provider to produce draft content. We do not send raw user-uploaded documents or sensitive personal data.

E. Technical Data

We collect standard technical information, including:

  • IP address
  • Browser type
  • Device information
  • Usage logs, such as errors and page interactions

4. How We Use Your Data

We use your personal data to:

  • Provide and maintain the service, including authentication, workspaces, and templates
  • Generate AI-powered content based on the details you enter
  • Support operational features, such as version tracking, approvals, and activity logs
  • Communicate with you, including service emails, updates, and billing notices
  • Maintain security, detect misuse, and prevent unauthorised access
  • Comply with legal obligations, such as tax, accounting, and audit

We never sell or rent personal data.

We rely on the following legal bases for processing personal data:

  • Contractual necessity, to deliver the platform to registered users
  • Legitimate interests, for improving features and preventing abuse
  • Consent, where analytics or marketing preferences apply
  • Legal obligation, for accounting, tax reporting, or fraud prevention

6. Data Storage and Transfers

Your data is stored in EU and UK-capable regions via:

  • Supabase for authentication, database, and storage
  • Stripe for billing
  • AI provider for policy generation

Where cross-border transfers occur, we apply appropriate safeguards, such as standard contractual clauses and data processing agreements.

International data transfers may occur where our approved sub-processors operate outside the UK or EU.

7. Data Retention

  • Account data: retained while your account is active
  • Billing data: retained for 6 to 7 years to meet legal requirements
  • Backups: retained according to rolling retention schedules
  • Workspace content: retained until deleted by the workspace admin

You may request deletion of your data at any time. Contact security@polisync.ai to submit a request.

8. How We Protect Your Data

We use industry-standard measures to protect personal data, including:

  • Encryption at rest and in transit
  • Password hashing
  • Role-based access control
  • Activity logging
  • Regular internal reviews

9. Your Rights (UK and EU GDPR)

You may request the following:

  • Access to your data
  • Correction of inaccurate data
  • Deletion, the right to be forgotten
  • Restriction of processing
  • Data portability
  • Objection to certain processing

To exercise any rights, contact: security@polisync.ai.

10. Third-Party Services

We use reputable sub-processors to provide services, including:

  • Stripe for payments
  • Supabase for authentication and storage
  • An AI provider for text generation

A full list of sub-processors is available on request.

11. Contact and Complaints

Email: support@polisync.ai

Data Protection Contact: security@polisync.ai

You may also complain to the UK Information Commissioner's Office if you remain unhappy with our response.

PoliSync.ai has not appointed a statutory Data Protection Officer. Privacy enquiries are handled by our designated data protection contact.

PoliSync.ai, trading as CogniOps Studio Ltd